High severity7.5NVD Advisory· Published Jan 31, 2023· Updated Jun 17, 2026
CVE-2022-32984
CVE-2022-32984
Description
BTCPay Server 1.3.0 through 1.5.3 allows a remote attacker to obtain sensitive information when a public Point of Sale app is exposed. The sensitive information, found in the HTML source code, includes the xpub of the store. Also, if the store isn't using the internal lightning node, the credentials of a lightning node are exposed.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- BTCPay Server/BTCPay Serverdescription
- Range: 1.3.0 - 1.5.3
Patches
Vulnerability mechanics
References
1- blog.btcpayserver.org/btcpay-server-cve-2022-32984/nvdVendor Advisory
News mentions
0No linked articles in our index yet.